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Lawful  Interception 

Lawful  Interception  (LI)  is  the  legally  approved  surveillance  The  main  functions  of  any  LI  solution  are  to  access  Inter- 

of  telecommunication  services,  and  has  become  an  im-  ception-Related  Information  (IRI)  and  Content  of  Commu- 

portant  tool  for  law  enforcement  agencies  (LEAs)  around  nication  (CC)  from  the  telecommunications  network  and 

the  world  for  investigating  and  prosecuting  criminal  activi-  to  deliver  the  information  in  a standardized  format  via  the 

ties  and  terrorism.  Most  countries  have  passed  laws  that  handover  interface  to  one  or  more  monitoring  centers  of 

require  telecommunication  service  providers  to  support  law  enforcement  agencies.  Of  course,  before  surveillance 

LEAs  with  duly  authorized  requests  to  identify,  monitor,  and  can  take  place  interception  requests  must  be  approved 

deliver  all  of  the  electronic  communications  of  specified  and  appropriately  provisioned  to  the  Interception  Access 

individuals  and  groups.  While  regulations  and  requirements  Points  within  the  service  provider’s  network,  and  they  must 

vary  from  country  to  country,  international  and  US-American  be  carefully  and  accurately  terminated  after  the  intercep- 

standardization  bodies  like  ETSI  or  ANSI  have  developed  tion  authorization  expires.  In  addition,  high  security  requi- 

technical  standards  for  LI  that  will  facilitate  the  work  of  LEAs  rements  for  LI  systems  are  essential  to  prevent  possible 

and  help  operators  and  service  providers  to  minimize  their  manipulation  and  misuse, 

costs.  Although  various  standards  for  LI  use  different  termi- 
nology, the  basic  functional  model  shown  in  figure  1 applies 
to  all  LI  standards  and  to  all  network  and  service  types. 


General  LI  Architecture  (Functional  Model) 
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Figure  1:  Functional  model  for  lawful  interception 
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Utimaco  has  been  in  the  business  of  lawful  interception 
since  1994  and  has  installed  LI  Management  Systems  in 
more  than  seventy  countries  around  the  world.  As  an  active 
member  of  the  ETSI  LI  group,  Utimaco  has  participated  in 
developing  standards  and  in  ETSI  Plugtests1.  The  Utimaco 
Lawful  Interception  Management  System  (LIMS)  is  a 
comprehensive  solution  that  provides  state-of-the-art 
surveillance  capabilities  for  fixed  and  mobile  communi- 
cation networks  and  for  various  communication  services, 
including  traditional  circuit-switched  voice,  next-generation 
packet-switched  networks,  2G/3G  mobile  networks,  and 
Internet-based  services  like  e-mail  and  VoIP. 

The  LIMS  solution  usually  acts  as  a bridge  or  mediator 
between  the  service  provider's  network  and  the  LEA’s 
monitoring  centers. 


The  core  competency  of  the  Utimaco  LI  solution  is  its 
ability  to  interface  with  hundreds  of  different  elements  in  a 
provider’s  heterogeneous  network  and  to  filter  and  deliver 
target-specific  data  to  the  LEA  in  a standardized  format. 

The  LIMS  modular  architecture  provides  a future-proof 
path  for  operators  to  expand  their  LI  capabilities  through- 
out current  and  any  future  networks.  The  system  can  be 
configured  as  an  entry-level  single-server  solution  for 
thousands  of  subscribers  and  is  scalable  up  to  a multi- 
server cluster  that  enables  monitoring  in  networks  with  mil- 
lions of  subscribers. 

The  Utimaco  LIMS  solution,  as  illustrated  in  figure  2,  con- 
sists of  the  following  components: 


Figure  2:  Architecture  of  the  Utimaco  LIMS 
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x 1 , x2,  x3 : Internal  Network  Interfaces  for  L / Provisioning,  IRI 
and  CC  exchange 

HI,  H2,  H3:  Standard  handover  interface  to  the  Law  Enforcement 
Agency  for  LI  Provisioning,  IRI  and  CC  exchange 


INI:  Internal  Network  Interface 
IRI:  Interception  Related  Information 
CC : Content  of  Communication 


1 Plugtests  are  interoperability  tests  organized  by  the  European  Telecommunications 
Standards  Institute  (ETSI).  Plugtest'*  is  a trademark  of  ETSI 
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Utimaco  LIMS™ 


LIMS. Management  Server  " 

The  Management  Server,  the  core  component  of  the  LIMS 
system;  incorporates  the  administration  system  for  all  system, 
modules,  the  user  interface,  as  well  as  security  management 
for  the  whole  system.  The  server  maintains  a central  data- 
base of  all  intercept  targets  and  authorized  LEAs.  Once  an 
intercept  target  is  entered  into  the  Management  Server,  it 
is  automatically  provisioned  to  the  appropriate  interception 
access  point  in  the  network. 

LIMS  Mediation  Devices 

The  LIMS  Mediation  Devices  perform  all  tasks  related  to 
the  delivery  of  intercepted  communications  to  the  autho- 
rized law  enforcement  agency.  Mediation  encompasses 
the  conversion  and  mapping  of  interception  data  received 
from  the  internal  network  to  the  appropriate  formats,  pro- 
tocols and  interfaces  as  required  by  the  LEAs.  Also,  Inter- 
cept Related  Information  sometimes  needs  to  be  stored 
intermediately  in  the  Mediation  Device  before  it  can  be 
forwarded  to  its  final  recipient. 

Utimaco  offers  the  industry's  broadest  list  of  mediation 
devices  supporting  a wide  range  of  network  technologies, 
services,  protocols  and  standards.  There  are  LIMS  Media- 
tion Devices  for  more  than  200  different  network  elements 
of  all  major  vendors.  Delivery  of  intercepted  data  is  com- 
pliant with  various  national  regulations  and  national  and 
international  standards  including  CALEA,  ATIS,  ETSI  and 
3GPP  standards. 

LIMS  Access  Points 

Depending  on  the  network  topology  and  capabilities, 
Utimaco  recommends  either  active  or  passive  approaches  to 
intercepting  communication  data.  In  passive  mode,  network 
probes  are  integrated  into  the  operator’s  network  to  filter,  de- 
code and  forward  intercept  data  to  the  LIMS,  respectively  to 
the  appropriate  Mediation  Device.  Utimaco  has  developed 
specialized  network  probes  for  deep-packet  inspection  of  va- 
rious communication  services  and  application  protocols  such 
as  e-mail,  webmail,  Internet  access,  instant  messaging,  Voice- 
over-IP  and  other  IP-based  services.  Active  interception,  on 
the  other  hand,  refers  to  the  method  of  managing  integrated 
interception  capabilities  of  the  available  network  elements, 
like  switches  or  routers.  In  many  real-world  deployments  a 
mixture  of  active  and  passive  interception  techniques  pro- 
vides the  best  results  or  is  the  only  available  option. 


LIMS  Decoder 

The  LIMS  Decoder  module  can  be  used  to  enable  LI  in 
networks  where  the  communication  session  is  SSL/TLS 
encrypted  between  the  user  and  the  provider's  servers. 
In  e-mail  environments,  for  instance,  the  LIMS  Decoder 
is  able  to  decrypt  POP3S,  SMTPS  or  IMAPS  sessions 
before  the  e-mails  can  be  monitored  and  filtered  by  the 
Interception  Access  Point. 


LIMS  Gateway 

This  modular  media  gateway  handles  the  real-time  con- 
version between  packet-switched  networks  and  circuit- 
switched  networks.  The  LIMS  Gateway  is  often  needed  in 
VoIP  networks  where  the  handover  interface  to  the  LEAs 
requires  conversion  of  RTP  media  streams  into  TDM 


(Time  Division  Multiplexing)  signals.  In  addition  to  the 
media  conversion,  the  LIMS  Gateway  can  also  act  as  a sig- 
naling gateway  between  SS7,  ISDN  and  SIP.  The  product’s 
modular  hardware  concept  enables  customized  solutions 
for  small  networks,  as  well  as  for  large  networks  supporting 
from  60  to  3,360  simultaneous  calls. 
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LIMS  Remote  Provisioning  Unit’  . ' 

All  administrative  and  operational  functions  of  the  LtMS 
Management  System  can  be  accessed  remotely  using 
the  same  graphical  user  interface  as  on  the  local  manage- 
ment console.  The  LIMS  Remote  Provisioning  Unit  (RPU) 
ensures  that  the  same  security  policies  apply  to  both 
remote  sessions  and  to  local  operation. 


Utimaco  LIMS  runs  on  industry-standard  servers  by 
Oracle®  with  Oracle  Solaris®  operating  system.  Customers 
can  choose  from  single-server  configurations  for  small 
networks  up  to  multi-server  clusters  for  large  networks  with 
millions  of  subscribers  and  thousands  of  intercept  targets. 
The  LIMS  Gateway  is  a highly  modular  blade  system  with 
eight  slots  for  different  CPU,  DSP  and  line  card  modules. 


LIMS  Loadbalancing  Option 

Utimaco  LIMS  is  well  prepared  to  scale  with  the  ever  in- 
creasing bandwidth  requirements  in  modern  telecom  net- 
works. Dynamic  loadbalancing  algorithms  distribute  inter- 
cepted data  evenly  among  a range  of  mediation  devices. 


LIMS  High-Ayailabjlity  Option 

The  high-availability  option  for  LIMS  enables  operators  to 
build  robust  LI  systems  with  99,999%  availability.  The  ad- 
vanced Utimaco  system  monitoring  software  recognizes  all 
kind  of  potential  failures  and  bottlenecks  and  automatically 
switches  system  processes  to  hot-standby  servers  when 
necessary. 
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Utimaco  LIMS™  - 

Key  Advantages 

State-of-the-Art  Interception  System 

After  over  16  years  of  experience  and  continuous  improve- 
ment, the  Utimaco  LIMS  has  matured  from  a surveillance 
system  for  mobile  networks  to  a complete  interception 
suite  for  various  kinds  of  networks  and  services.  Today 
Utimaco  offers  the  industry’s  most  comprehensive  list  of 
supported  vendor  network  elements  and  enables  lawful 
interception  in  virtually  any  wireless  and  wireline  network 
supporting  multiple  services,  including  telephony,  fax,  SMS, 
MMS,  Push-to-Talk,  Internet  access,  e-mail,  VoIP  and  other 
IP-based  services.  |n  its  entire  software  and  hardware 
architecture  the  Utimaco  solution  has  been  designed  as  a 
carrier-grade  system  that  meets  highest  security,  reliability 
and  performance  criteria.  The  Utimaco  LIMS  solution  is 
approved  by  national  regulatory  bodies  and  is  used  by  more 
than  150  operators  worldwide. 

Standards  Compliance 

Utimaco  LIMS  is  designed  to  comply  with  national  and 
international  lawful  interception  standards  developed  by 
ETSI,  3GPP,  ATIS  and  CableLabs.  Utimaco  shares  its 
experience  and  expertise  in  standards  with  partners  and 
customers  to  continuously  optimize  the  solution  and  to 
meet  specific  requirements  according  to  individual  tech- 
nical and  legislative  prerequisites. 

Cost-Efficiency 

The  Utimaco  LIMS  is  a centralized  system  that  serves  all 
Ll-related  tasks  of  multiple  LEAs  on  a heterogeneous  ser- 
vice network.  By  using  one  single  point  of  access,  opera- 
tors can  reduce  their  administration  costs  by  simplifying 
the  communication  with  LEAs  and  by  reducing  the  effort 
for  the  provisioning  of  surveillance  operations  in  the  net- 
work. Operators  can  initiate,  modify  or  delete  any  LI  re- 
quest on  the  entire  network  in  a matter  of  minutes  with  the 
easy-to-use  Utimaco  LIMS  graphical  user  interface.  Once 
installed  in  the  network,  Utimaco  LIMS  is  almost  mainte- 
nance-free. Optional  system  upgrades,  for  example,  for 
new  services  or  new  network  equipment,  can  be  provi- 
ded cost-efficiently  by  Utimaco  as  part  of  a maintenance 
agreement  or  on  an  as-needed  basis. 


Security  and  Reliability 

IT  security  has  been  Utimaco’s  core  business  since  its  foun- 
dation in  1 983.  As  such,  Utimaco  thoroughly  understands  the 
security  and  privacy  aspects  of  lawful  interception  and  has 
implemented  end-to-end  security  mech-anisms  throughout 
the  entire  LIMS  system. 


The  data  security  features  of  LIMS™  include: 


♦ Authentication  and  authorization  by  using  a 
granular  rights  management  system  that  enables 
accurate  definition  of  administrative  and  opera- 
tional tasks  (role-based  access  control). 

♦ Full  audit  trail  with  detailed  accounting  of  all  user  and 
system  events  to  avoid  misuse  and  manipulation. 

♦ Integrated  alarm  system  to  alert  for  system  failures. 

♦ Regular  consistency  checks  to  guarantee  the  data 
integrity  in  the  target  database  and  on  the  intercep- 
tion access  points  in  the  network. 

♦ Encryption  of  internal  and  external  data  traffic. 

♦ Encrypted  storage  of  all  sensitive  data  records, 
and  complete  removal  of  user  data  after  expiration 
of  the  LI  request. 

♦ Transparent  separation  of  different  LEAs  and  LI 
requests,  and  isolated  delivery  of  interception  data 
to  multiple  LEAs, 

♦ No  back  doors:  The  Utimaco  LIMS  never  permits 
access  to  unauthorized  users  or  by  means  other 
than  those  described  in  the  documentation. 

The  Utimaco  LIMS  security  has  been  verified  by 
official  regulatory  bodies,  and  interception  results 
have  been  successfully  approved  by  international 
courts  as  admissible  evidence. 
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Utimaco  LIMS 


Utimaco  LiiViS  • 


Managed  LI  Services 

The  LIMS  role-based  user  management,  together  with  its 
capability  to  serve  multiple  different  networks  and  LEAs 
concurrently,  allows  various  deployment  models  of  the 
lawful  interception  system.  Operators  can  either  install  and 
operate  the  LIMS  system  as  part  of  their  own  Operations 
Support  System  (OSS),  or  they  may  decide  to  use  the 
service  of  an  independent  LI  service  provider.  Utimaco 
has  selected  and  qualified  a number  of  LI  service  provi- 
ders who  can  effectively  take  over  all  administrative  tasks 
related  to  LI  and  thus  relieve  the  network  operator  of  unpro- 
fitable duties  and  reduce  the  costs  for  maintaining  and  up- 
grading systems. 


fvlOcl  ij  f 3f / gild:  si  sgf  g pIsa  rcfi  itgctti  rs 

While  the  system  is  designed  for  large-scale  networks  with 
millions  of  subscribers,  the  LIMS  suite  can  easily  be  ad- 
apted to  provide  an  economically  feasible  solution  for  net- 
works with  only  a few  thousand  users.  In  fact,  the  modular 
software  architecture  enables  operators  to  extend  the  sys- 
tem as  the  demand  for  lawful  interception  increases  and/ 
or  their  sub-scriber  base  grows.  Performance-critical  tasks 
and  processes  can  be  migrated  to  dedicated  servers  to  in- 
crease the  overall  system  capacity  and  throughput.  The 
underlying  hardware  platform,  based  on  Oracle®  servers, 
provides  the  solid  basis  for  a reliable,  scalable  system  with 
sufficient  performance  reserves  for  all  current  and  future 
network  sizes. 


Experience 

Utimaco  develops  high  security  solutions  for  corporate  and 
public  applications  and  was  one  of  the  first  companies 
worldwide  to  deploy  lawful  interception  solutions  for  mobile 
networks.  In  the  past  sixteen  years  Utimaco  has  gained 
extensive  experience  in  the  LI  market  and  has  installed  LI 
systems  in  more  than  sixty  countries  around  the  world. 


Cost-efficiency 

The  modular  architecture  of  Utimaco  LIMS  enables  cost- 
effective  and  customized  solutions  for  LI  projects  of  all  sizes. 
The  central  administration  of  intercepts  and  the  high  level 
of  automation  speeds  up  the  process  of  managing  court 
orders,  simplifies  the  cooperation  with  LEAs,  thus  leading  to 
countable  opex  reduction. 


Expertise 

Utimaco  is  an  active  member  of  several  national  and  in- 
ternational standardization  groups  and  maintains  contacts 
with  regulatory  bodies  and  LI  experts  worldwide.  In  all 
matters  relating  to  lawful  interception,  Utimaco  is  the  pre- 
ferred partner  of  many  of  the  leading  telecom  suppliers  and 
monitoring  center  vendors.  The  LIMS  solution  continues 
to  be  developed  and  maintained  by  a team  of  experienced 
engineers  who  have  worked  in  the  LI  field  for  many  years. 


Utimaco  is  a recognized  player  and  financially  stable 
public  company  in  the  worldwide  IT  security  industry. 
In  addition  to  our  technical  experience  in  lawful  intercep- 
tion, we  pay  very  close  attention  to  the  legal  aspects  of 
lawful  interception  and  regard  this  as  an  important  factor 
in  our  business.  As  a result,  the  Utimaco  LIMS  system 
strictly  conforms  to  the  appropriate  laws  and  regulations. 
Furthermore,  the  system  includes  numerous  security 
measures  to  prevent  misuse  by  unauthorized  persons. 


Global  Service  and  Support 

Utimaco  understands  that  LI  management  is  not  simply 
about  purchasing  hardware  and  software  - it‘s  about  im- 
plementing capabilities  according  to  national  legal  require- 
ments and  technical  prerequisites.  Utimaco  provides  the 
services,  support  and  resources  that  help  you  become 
compliant  with  these  requirements  while  minimizing  the 
costs  and  effort  for  installation  and  operation.  With  Utimaco’s 
help,  your  staff  can  accomplish  lawful  interception  while 
also  keeping  your  service  network  tuned  for  maximum 
performance  and  utilization.  Utimaco  provides  worldwi- 
de expert  consulting  services,  24x7  technical  assistance, 
online  support,  onsite  training  and  installation  services. 


The  modular  concept  of  LIMS  further  facilitates  the  integration 
of  new  network  interfaces  and  protocols  without  requiring  the 
reengineering  of  the  complete  system.  There  is  virtually  no 
limit  to  the  number  of  active  and  passive  Interception  Access 
Points  that  can  be  connected  and  operated  in  parallel. 


Compliance 

The  LIMS  solutions  comply  with  a large  number  of  internati- 
onal LI  standards  and  requirements.  Compatibility  with  net- 
work equipment  vendors  and  monitoring  center  suppliers  is 
an  important  benefit  of  the  solution,  and  Utimaco  verifies  this 
compatibility  on  an  ongoing  basis. 


Ulimaco  LIMS™ 


Utimaco  LIMS™  - 

Feature  Overview 


LI  Standards 

♦ ETSI  TS  101  671  (voice),  TS  101  331 
(generic),  ES  201  158  (generic),  TS  102  232-1 
to  102  232-6  (IP,  E-Mail,  VoIP) 

♦ ANSI/ATIS:  J-STD-025-B 

(Voice,  CDMA),  T1 ,678v2  (VoIP),  T1  .IPNA  (Inter- 
net, T1.IAS),  T1.724  (UMTS),  TIA-1072  (PoC) 

♦ 3GPP.  TS  33.106,  TS  33.107,  TS  33.108  (UMTS) 

♦ PacketCable  vl  .5  (Cable) 

Supported  Services 

♦ VoIP  (SIP,  H.323,  SCCP,  RTP) 

♦ GSM,  GPRS,  UMTS,  LTE 

♦ CDMA,  CDMA2000 

♦ SMS,  MMS,  Voicemail 

♦ Push-to-Talk  over  Cellular  (PoC) 

♦ PSTN  (Fixed  Telephony) 

♦ Broadband  Access  (DSL,  Cable,  WLAN,  WiMAX) 

♦ E-mail  (POP3,  SMTP,  IMAP,  webmail) 

♦ other  IP-based  services 

Performance 

♦ Max.  number  of  subscribers: 

scalable  from  1,000  up  to  millions  of  subscribers 
(virtually  unlimited) 

♦ Max.  number  of  targets:  scalable  up  to  thousands 
of  concurrent  LI  requests 

♦ Probe  Performance:  up  to  10  Gbps  (2,000,000  pps) 
and  25,000  targets  per  LIMS  Access  Point 


Vendor  Interfaces 

♦ Acme  Packet,  Alcatel-Lucent,  Arris,  Bridgewater, 
Broadsoft,  Casa,  Cisco,  Comverse,  Ericsson, 
Huawei,  Iptego,  Italtel,  Juniper,  Motorola,  Nokia- 
Siemens-Networks,  Nortel,  Oracle-Sun,  Redback, 
Unisys,  Sitronics,  Sonus,  Starent  Networks, 
Thomson-Cirpack,  Vocaltec,  ZTE  and  others 

Network  Interfaces 

♦ 1Gb-  10Gb  Ethernet,  X.25,  ISDN,  E1/T1, 
SDH/Sonet,  ATM,  SS7  interfaces 

Security 

♦ Role-Based  Access  Control 

♦ Detailed  accounting  (full  logging) 

♦ IPsec/SSL/'TLS  encryption 

♦ Encrypted  storage,  encrypted  backup 

♦ System  monitoring  and  alarms 

♦ System  redundancy 

♦ Disaster  recovery  system 

♦ Secure  remote  access 

Other  features 

♦ Integrated  accounting  and  billing  functions 

♦ Dynamic  load-balancing 

♦ Easy-to-use  graphical  user  interface 

♦ Remote  management  of  other  LI  systems 

♦ Multi-tenant  support 


utimaco 

a member  of  the  Sophos  Group 

www.utimaco.com/lims 

Utimaco  Safeware  AG 
Germanusstralie  4 
52080  Aachen 
Germany 

Phone  +49  (0)  241-16  96-0 
li-contact@utimaco.com 
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